summaryrefslogtreecommitdiff
path: root/include/sessions.php
diff options
context:
space:
mode:
authorjustauser <[email protected]>2013-07-07 13:57:06 -0400
committerjustauser <[email protected]>2013-07-07 13:57:06 -0400
commit3b96b0ed7cf8d960dd3ec2208ad8addb584bc1c9 (patch)
treed83db38f58511d5648b6bd665ab3760d74e73875 /include/sessions.php
parentef3a8db1cc83e02a9f8933869d19f299f2abe72a (diff)
parente4e9ac1fc288d6715f6419cd4c8a44386362ecf0 (diff)
Merge branch 'master' into hookhead
Conflicts: include/functions.php changes for conflicts with master
Diffstat (limited to 'include/sessions.php')
-rw-r--r--include/sessions.php18
1 files changed, 16 insertions, 2 deletions
diff --git a/include/sessions.php b/include/sessions.php
index 423ef0eda..66214afe7 100644
--- a/include/sessions.php
+++ b/include/sessions.php
@@ -62,11 +62,17 @@
return false;
}
- if ($_SESSION["ref_schema_version"] != session_get_schema_version(true))
+ if ($_SESSION["ref_schema_version"] != session_get_schema_version(true)) {
+ $_SESSION["login_error_msg"] =
+ __("Session failed to validate (schema version changed)");
return false;
+ }
- if (sha1($_SERVER['HTTP_USER_AGENT']) != $_SESSION["user_agent"])
+ if (sha1($_SERVER['HTTP_USER_AGENT']) != $_SESSION["user_agent"]) {
+ $_SESSION["login_error_msg"] =
+ __("Session failed to validate (user agent changed)");
return false;
+ }
if ($_SESSION["uid"]) {
$result = Db::get()->query(
@@ -74,11 +80,19 @@
// user not found
if (Db::get()->num_rows($result) == 0) {
+
+ $_SESSION["login_error_msg"] =
+ __("Session failed to validate (user not found)");
+
return false;
} else {
$pwd_hash = Db::get()->fetch_result($result, 0, "pwd_hash");
if ($pwd_hash != $_SESSION["pwd_hash"]) {
+
+ $_SESSION["login_error_msg"] =
+ __("Session failed to validate (password changed)");
+
return false;
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-08 09:50:18 +0000